[c-nsp] How secure ASR management interface is?

Alex K. nsp.lists at gmail.com
Sat Apr 20 07:45:50 EDT 2019


Hello everyone,

An interesting question I got from one of my customers - how secure Cisco
ASR management interface is? Meaning, how really *separate* it is.

Since after all, ASR CPU is connected to both the management interface and
router forwarding matrix, hence providing at least theoretical path for
data exfiltration.

Now, I'm not talking about your friendly NSA, sending you especially
crafted router nor one I've updated with the latest IOS downloaded from
wehackyourbank.ru. Just plain ASR, running legitimate IOS image. Can a
rogue employee configure a router in such a way, it will *forward* traffic
between it regular and management interfaces? Maybe by dropping to routers'
RP Linux shell and messing it up there? Is anybody ever heard of such
attack or aware of CVE similar to the above?

Your help will be highly appreciated,
Thank you.


More information about the cisco-nsp mailing list